Three years ago, my life took a turn that has been the most rewarding to date. My wife and I started a family and today are the parents of a very happy and active toddler. I’ll never forget the first time we left him with a sitter. Even though we would only be gone a few hours, knew he would be fine, and knew the sitter well, I was quite nervous because after all, this is my first and only son I’m leaving with someone! The evening went fine, but not before I took the sitter around the house showing her where every fire extinguisher was, where the panic buttons were, first aid kits, and where every number she could ever need was on speed dial. I’m the kind of person who doesn’t take chances.
Trusting your data to a cloud, whether it be IaaS or SaaS, is just about as nerve-wracking as leaving your first-born with a sitter. You trust that everything will be ok, take all the precautions, and yet, if something happens, you’ll never forgive yourself.
Here at Extreme Networks, we’ve gone out of our way to make you sleep a lot better at night when trusting us to safeguard your data. In this blog, I’m going to tell you about what we’ve done and where we’re going, and why you should rest easy knowing your network management data is secure inside of ExtremeCloud IQ.
ExtremeCloud IQ uses two key concepts for our architecture – the Global Data Center (GDC) and the Regional Data Center (RDC). Let’s talk about each briefly.
The GDC exists in both the US and in Europe. The GDC’s primary job is to process logins and redirect you to the virtual instance contained on the RDC. There are more functions that the GDC performs, such as licensing and device redirection, but authentication is its most important job.
GDC’s are redundant across availability zones in both the US and in Europe and are IP load-balanced by geo-location mechanisms so that you’ll always be connected to the nearest system.
Accounts governed by GDPR and other European areas are solely stored on the European GDC, while the US, Canada, and a few other nations in the western hemisphere are stored on the US GDC. Each GDC federates with the other to allow traveling administrators to log in no matter where they may be, but the soul location of the account is only on one GDC for protection of the Personally Identifiable Information (PII) that is the user’s email address.
The RDC is the workhorse. This is where all devices connect, you as the administrator configure and operate your network, and where all data is processed and stored for devices you operate.
There are 16 RDC’s around the world today hosted across Amazon AWS, Google GCP, and Microsoft Azure. Each of the RDC’s exists as a series of large Kubernetes pods of microservices, each redundant across availability zones, resulting in an architecture that is disaster survivable and virtually impossible to have a major worldwide outage. The RDC’s and GDC’s talk to each other, and data stored on an RDC never leaves that RDC for any reason. If your data is supposed to be in Switzerland, that’s exactly where it will always be.
From the second you boot an access point or a switch, the communication between that device and ExtremeCloud IQ is encrypted. We utilize a couple of different protocols to exchange information depending on data type and device, but all data is sent to us encryption. At no point is anything “in the clear.”
Once your data arrives at the Regional Data Center, that data is stored in various database systems depending on what type of data it is. All of the storage volumes utilized by our various database systems (both SQL-based and noSQL-based) are encrypted with AES-256 while at rest and use keys managed by ExtremeCloud IQ Cloud Operations as part of our ISMS (Information Security Management System).
All of your interaction with our UI or the API is via HTTPS, and that’s encrypted too.
We back up the GDC’s and RDC’s daily and retain 90 days of backups. The backups are encrypted at rest using AES-256 and are geographically remote from the region the GDC or RDC is stored in. This way, even if a disaster takes out an entire cloud region, we can use backups to restore any part of Cloud IQ into another region or even another cloud provider, again, making a large-scale disaster virtually impossible.
Redundant copies of backups are only stored within their data domains. A second copy of backups from EU and Asia RDC’s is stored in our Ireland data center. Within the US, the backup copies are stored in alternate US regions.
Each customer within ExtremeCloud IQ is isolated using a unique key that identifies their data, known as the “VIQ ID”. This ID is used within the product to control database shard location and isolates customers from each other. Your data is your data within Cloud IQ and cannot be accessed by anyone outside of your organization.
Extreme has a team of data privacy advocates from all product teams in the company that meet regularly with our legal department to discuss the impacts of data privacy from all new products and features. We design privacy into everything by design.
We also practice strict data control for all customer data. We do not use live customer data for testing, or development, and we don’t share data with anyone internally to Extreme so that you have the confidence that your data is truly, yours.
Change Controls and Vulnerability Prevention
We have strict change controls and QA processes in place for Cloud Operations, all built around our Continuous Integration/Continuous Delivery agile development model. Changes and updates are processed by many layers of automated and manual QA, tested in separate staging environments, and any change or update is performed using a two-man principal. No person implementing a change or documenting the change can approve it, and all changes must be reviewed.
All code that we develop is continuously scanned for malicious code, XSS, and other improper input handling that could result in production issues or data disclosures.
ISO Standards for Security
ExtremeCloud IQ has been ISO 27001 certified for nearly 2 years now. ISO 27001 is one of a family of standards developed by the International Standards Organization (ISO) for the implementation of an Information Security Management System. The ISO 27001 standard is broken down in to 14 categories, encompassing 114 separate controls, spanning topics like organization, HR, asset management, cryptography, and physical and environmental security. Extreme has a documented ISO 27001 compliant ISMS, and it is both internally and externally audited and certified. Our ISO certificate is located here:
A New Wave of Confidence
In furtherance of our domination of being the most secure cloud management platform in the industry, we have also begun undertaking efforts to audit and certify as both ISO 27017 and 27701 which will be complete before year-end.
ISO 27017 is the ISO standard for Cloud operation, which is technically titled, “Code of practice for information security controls based on ISO/IEC 27002 for cloud services”. This standard involves 37 additional controls along with further internal and external audit all pertaining to cloud operations.
ISO 27701 implements a PIMS, or a Privacy Information Management System, and governs all aspects of data privacy for ExtremeCloud IQ. ISO 27701 is a brand-new certification and Extreme Networks and ExtremeCloud IQ is the only organization across many disciplines actively developing our platform to support compliancy with this standard. With ISO 27701 in place, if you have data privacy concerns, you can rest easy knowing your data is safe.
By end of the year, ExtremeCloud IQ will be the ONLY cloud management solution with all three major ISO certifications for cloud, giving you assurance that we are protecting the solution, your productivity, and your data.
Upon completion of our ISO 27017 and 27701 certifications, Extreme will begin planning for a SOC 2 audit, to be completed by mid 2021.
SOC, or System and Organizational Controls, provides for a detailed definition of the system being audited, the controls, and how they are assessed. SOC audits are performed by a CPA and are available as a type 1 or type 2. The type 2 is often called a “SOC 2” audit and is more thorough and extensive.
SOC covers five trust factors of secure data processing and storage. The SOC auditors look for the candidate to demonstrate proficiency across one of more of these criteria:
SOC 2 reports often address one or more of the above trust factors.
SOC2 audits differ from ISO in that ISO certifications certify that you have implemented all of the controls and requirements of the standard, whereas a SOC audit proves that not only are the controls in place, but that all data, operations, and controls are implemented and being properly used. Effectively, ISO sets the standard and SOC proves you’re actually using it, which is why SOC is more of a financial-style assessment.
Having both SOC Type 2 and ISO 27001, 27017, and 27701 will be industry firsts for many products in the cloud industry, and ExtremeCloud IQ is leading the way.
CSA Star Level 1
On top of all of this, by end of 2020, we will also have CSA (Cloud Security Alliance) STAR Level 1 attestation. If you haven’t been counting, that’s FIVE security certifications for one product, with all certifications singularly focused on protection of data and reliable operation of cloud services.
Several weeks ago, we announced “unlimited data” within ExtremeCloud IQ. This means customers now have the ability to determine their data duration within the product. Soon, we’ll have options for 30 days, 90 days, or unlimited retention. What’s “unlimited?” It means that as long as you’re a customer, your data will be there, and you’ll be able to report on it, protected by the most secure cloud environment we can deliver.
So there you have it. There’s a lot of burden off of your shoulders if you just move to cloud. We take care of protecting your data, making it redundant, and making it always available. So, sleep well knowing your data is safe, your network is operating, and it will always be as long as you use ExtremeCloud IQ. Goodnight.